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METHOD AND ARCHITECTURE FOR REMOTE 
CONTROL OF A USER STATION VIA AN INTERNET- 
TYPE NETWORK AND APPLICATION THEREOF TO A 
SMART CARD DEMONSTRATOR 



McLean, Virginia 



PRELIMINARY AMENDMENT 



Honorable Commissioner of Patents 

and Trademarks 
Washington, D.C. 20231 

Sir: 

Please amend the subject application, filed concurrently herewith, as 
indicated below: 
IN THE TITLE: 

Delete "MONITORING" and substitute -CONTROL-; 

IN THE SPECIFICATION : 

After the title and before the first paragraph on page 1 at line 5, insert 
the following heading at the left-hand margin: 
-FIELD OF THE INVENTION-: 



Page 1, line 18, before the paragraph beginning "Smart cards...", 
insert the following heading at the left-hand margin: 
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- DESCRIPTION OF RELATED ART -; 

Page 3, at line 5, and before the paragraph beginning "The invention 
v s,eeks ..." insert the following paragraph at the left-hand margin: 
- SUMMARY OF THE INVENTION --; 

Page 5, at line 17 and before the paragraph beginning "The invention 
will now...", insert the following heading at the left hand margin: 
- BRIEF DESCRIPTION OF THE DRAWINGS- ; 

Page 5, at line 25 and before the paragraph beginning "Hereinafter, 
without...", insert the following heading at the left hand margin: 
- DESCRIPTION OF THE PREFERRED EMBODIMENTS -; 

Page 15, after line 12, insert the following new paragraph: 

-While this invention has been described in conjunction with specific 
embodiments thereof, it is evident that many alternatives, modifications and 
variations will be apparent to those skilled in the art. Accordingly, the 
preferred embodiments of the invention as set forth herein, are intended to be 
illustrative, not limiting. Various changes may be made without departing 
from the true spirit and full scope of the invention as set forth herein and 
defined in the claims. — 
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IN THE CLAIMS : 

Please cancel the claims in their entirety and substitute the following 
'qlaim^ for the claims in the application. The claims that follow are a complete 
set of "clean" claims. The original claims marked up to show the changes 
with underlining and bracketing are included as an attachment to this 
Preliminary Amendment: 
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1 \ J --1 7. A method for remote control of a user station using a smart card 

2 via an internet-type network, said user station being equipped with a smart 

3 card reader and comprising a first communication protocol stack, said smart 

4 card reader comprising a second communication protocol stack and said 

5 smart card comprising a third communication protocol stack, allowing 

6 communications between said user station and a remote server connected to 

7 said network and communications between said user station and said smart 

8 card via said smart card reader, said user station also comprising means for 

9 generating requests transmitted to said remote server, characterized in that it 

10 comprises: 

11 - storing (42) in said remote server (4) data and/or instructions in a first 

12 preliminary phase for allowing the generation of specific commands upon 

13 reception of specific requests originating from said request generating means 

14 (1 0) and their transmission to said user station (1 ); 

15 - loading into said user station (1) a second preliminary phase in a 



16 piece of specialized software (8) forming an interface between said first and 

17 second protocol stacks and designed to translate said specific commands 

18 received by said user station (1) into commands that conform to a first given 

19 communication protocol; 



20 - and at least the following steps: 

21 a/ transmitting to said remote server at least one specific request; 

22 b/ generating by said remote server (4), upon reception of said 

23 specific request, at least one of said specific commands and 
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2 4 transmitting said at least one of said specific commands to said 

2 5 user station (1) using a second given communication protocol; 

2 6 \ 1 t ol receiving said specific command in said user station (1), 

27 intercepting said piece of specialized software (8) and translating 

2 8 said piece of specialized software into said first given 
29 communication protocol; 

3 0 d/ using said first given communication protocol to transmit said 

31 translated command to said smart card (2), via said smart reader 

32 (3); and 

3 3 e/ activating at least one given function of at least one application 

34 (26) stored in said smart card (2), by said translated command in 

3 5 order to perform said control of the user station. 

1 18. A method according to claim 1 7, characterized in that said data 

2 and/or instructions stored in said remote server (4) and allowing the 

3 generation of specific commands comprise smart card context data, said 

4 context data being a representation, in the memory of said remote server (4), 

5 of said smart card (2) present in said user station (1). 

1 19. A method according to claim 18 characterized in that, said 

2 smart card (2) is controlled by an operating system associated with a version 

3 number, and said context data comprises at least said version number of the 

4 operating system. 
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20. A method according to claim 17, characterized in that said 
specific commands are the result of the execution of a CGI type script in said 
remote server (4). 

21 . A method according to claim 1 7, characterized in that said piece 
of specialized software (8) is loaded into said user station (1) during said first 
preliminary phase, from a data recording medium. 

22. A method according to claim 1 7, characterized in that said piece 
of specialized software (8) is downloaded into said user station (1) during said 
first preliminary phase, from a remote server, via said internet network (Rf). 

23. A method according to claim 17, characterized in that said first 
given communication protocol is of the TCP/IP type. 

24. A method according to claim 1 7, characterized in that said 
second given communication protocol conforms to ISO standards 7816-1 
through 7816-4. 

25. A method according to claim 1 7, further comprising, subsequent 
to activating said at least one given function, the steps of: 

f/ transmitting data and/or instructions between said smart card (2) 
and said terminal (1), via said smart card reader (3), said 
transmission being performed using said first given communication 
protocol; 
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7 g/ translating said data and/or instructions by said piece of 

8 specialized software (8) and its transmission to said remote server 

9 ' . ' t (4), using said second given communication protocol; 

10 h/ processing said data and/or instructions by said remote server 

11 (4); 

12 j/ generating by said remote server (4) [of] data characteristic of a 

13 configuration of said smart card (2) and/or of an application stored 

14 in said smart card (2), and for the transmission of said 

15 characteristic data to said terminal (1) using a third given 

16 communication protocol; and 

17 \l display of said characteristic data on a display screen (5) 

18 connected to said terminal (1). 



1 26. A method according to claim 25, characterized in that, said 

2 request generating means is constituted by a web type browser (10), and 

3 further comprising storing in said remote server (4) in a third preliminary 

4 phase data constituting static display pages, and subsequent steps 

5 comprising transmitting upon reception of specific requests generated by said 

6 browser (1 0), all or some of said static display page data to said terminal in 

7 order to display pages of information associated with said smart card (2) on 

8 said display screen (5). 



1 27. A method according to claim 26, characterized in that it further 

2 comprises generating, by means of said browser (1 0), in a fourth preliminary 

3 phase a particular request transmitted to a remote server connected to said 
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4 internet network (/=?/), in order to download a particular piece of software 

5 called an applet into the browser (10), so as to automate all or some of said 

6 1 steps'a/ through j/. 

1 28. A method according to claim 27, characterized in that said applet is 

2 written in JAVA language. 

1 29. A method according to claim 25, characterized in that said third 

2 given communication protocol is of the HTTP type. 

1 30. A system architecture for remote control of a user station (1) 

2 using a smart card via an internet-type network (Rl), said user station (1) 

3 being equipped with a smart card reader (3) and comprising a first 

4 communication protocol stack, said smart card reader (3) comprising a 

5 second communication protocol stack and said smart card (2) comprising a 

6 third communication protocol stack, allowing communications between said 

7 user station (1) and a remote server (4) connected to said network and 

8 communications between said user station (1) and said smart card (2) via 

9 said smart card reader (3), said user station (1) also comprising means for 

10 generating requests (10) transmitted to said remote server (4), characterized 

11 in that said remote server (4) comprises a storage device (41, 42) for storing 

12 data and/or instructions allowing the generation of specific commands upon 

13 reception of specific requests originating from said request generating means 

14 (10) and their transmission to said user station (1), and in that said user 

15 station (1) comprises a specialized module (8) forming an interface between 
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16 said first and second protocol stacks and adapted to translate said specific 

17 commands received by said user station (1 ) in conformity with a first given 

18 4 communication protocol, into commands that conform to a second given 

19 communication protocol, in order to transmit them, using said second given 

2 0 communication protocol, via said smart card reader (3) to said smart card (2), 

21 so as to activate at least one given function of at least one application stored 

2 2 in said smart card (2). 

1 31 . A system architecture according to claim 30, characterized in that 

2 said remote server (4) further comprises an HTTP server (40), first storage 

3 device (42) for storing said data and/or instructions allowing the generation of 

4 specific commands, and second storage device (41 ) for storing data 

5 constituting display pages in HTML language. 
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32. A smart card demonstrator (2), using the system architecture 
according to claim 30, said user station (1) comprising a display screen (5) for 
v displaying data transmitted by said remote server (4) to said supplementary 
module (8) and characteristic data of a context of said smart card (2), using a 
third given communication protocol, said characteristic data being generated 
by said remote server (4) upon reception of data sent by said smart card (2), 
using said second given communication protocol, translated by said 
supplementary module (8) and transmitted to said remote server (4) using 
said first given communication protocol. -- 
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IN THE ABSTRACT: 

Please delete the Abstract at page 21 in its entirety and substitute the 
► following new Abstract. (An Abstract showing the changes using brackets 
and underlining is included as an attachment at the end of this Preliminary 
Amendment.) 



/ 
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-ABSTRACT 



' Jhe invention concerns a method and an architecture using a smart 
card (2) for remote control, via an internet-type network (Rf), of a user station 
5 (1 ) comprising a smart card reader (3). The data required to control the 

station (1) are stored (41) in a remote server (4). The station (1) comprises a 
web-type browser (10) that transmits requests to the server (4). In response, 
the latter generates specific commands designed for the smart card (2). The 
station (1 ) comprises a specialized software module (8) forming an interface 

10 between the smart card reader (3) and the internet network (Rl). This module 
(8) translates the specific commands into commands in conformity with the 
ISO 7816-4 standard, and transmits them to the smart card (2) in order to 
activate an application of the latter. The server (4) can also store (42) HTML 
pages. The smart card (2) transmits, via the specialized software module (8), 

15 a response to the remote server (4), which processes it and retransmits the 
data to the browser (10) for display on a screen (5). The invention is 
particularly applicable to a smart card (2) demonstrator.- 
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REMARKS 

This Preliminary Amendment is filed to insert headings to conform the 
application to U.S. practice, and to correct informalities in the specification, 
claims and abstract resulting from a literal translation of the French text. 

Early action on the merits is earnestly solicited. 

Respectfully submitted, 

MILES & STOCKBRIDGE P.C. 



Date: May 25, 2001 




Edward J./^ondracki 
Registration No. 20,604 



1751 Pinnacle Drive - Suite 500 
McLean, VA 22102-3833 
Tel.: 703/903-9000 
Fax: 703/610-8686 



TYSO01:9148001v50IT2146-907272l05\25\01 



13 



T2146-907272-US 3854/BC(PCT) 

The following are the original claims marked up to show the 
changes with underlining and bracketing: 

* 7 

1 --1 7. (Old claim 1 ) [Method] A method for remote control of a user 

2 station using a smart card via an internet-type network, said user station 

3 being equipped with a smart card reader and comprising a first 

4 communication protocol stack, said smart card reader comprising a second 

5 communication protocol stack and said smart card comprising a third 

6 communication protocol stack, allowing communications between said user 

7 station and a remote server connected to said network and communications 

8 between said user station and said smart card via said smart card reader, 

9 said user station also comprising means for generating requests transmitted 

10 to said remote server, characterized in that it comprises: 

11 - [a first preliminary phase for] storing (42) in said remote server (4) 

12 data and/or instructions in a first preliminary phase for allowing the generation 

13 of specific commands upon reception of specific requests originating from 

14 said request generating means (10) and their transmission to said user 

15 station (1); 

16 - [a second preliminary phase for] loading into said user station (1) a 

17 second preliminary phase in a piece of specialized software (8) forming an 

18 interface between said first and second protocol stacks and designed to 

19 translate said specific commands received by said user station (1) into 
2 0 commands that conform to a first given communication protocol; 

21 - and at least the following steps: 

22 a/ [the transmission] transmitting to said remote server [of] at least 
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23 one specific request; 

2 4 b/ [the generation] generating by said remote server (4), upon 

2 5 * ' reception of [such a] said specific request, [of] at least one of said 
2 6 specific commands and [their transmission to] transmitting said at 

2 7 least one of said specific commands to said user station (1) using a 

2 8 second given communication protocol; 

2 9 c/ [the reception of] receiving said specific command in said user 

3 0 station (1 ), [its interception by] intercepting said piece of specialized 
3 1 software (8) and [its translation] translating said piece of specialized 
3 2 software into said first given communication protocol; 

3 3 d/ [the transmission of said translated command to said smart card 

3 4 (2)] using said first given communication protocol to transmit said 

3 5 translated command to said smart card (2) , via said smart reader 

3 6 (3); and 

3 7 el [the activation by said translated command of] activating at least 

3 8 one given function of at least one application (26) stored in said 

39 smart card (2), by said translated command in order to perform said 

4 0 control of the user station . 

1 18. (Old claim 2) [Method] A method according to claim [1] 17, 

2 characterized in that said data and/or instructions stored in said remote server 

3 (4) and allowing the generation of specific commands comprise [so-called] 

4 smart card context data, said context data being a representation, in the 

5 memory of said remote server (4), of said smart card (2) present in said user 

6 station (1). 
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1 19. (Old claim 3) [Method] A method according to claim [2] 18, 

2 characterized in that, said smart card (2)[being] is controlled by an operating 

3 * system associated with a version number, and said context data comprises at 

4 least said version number of the operating system. 

1 20. (Old claim 8) [Method] A method according to claim [1] 17, 

2 characterized in that said specific commands are the result of the execution 

3 of a CGI type script in said remote server (4). 

1 21. (Old claim 9) [Method] A method according to claim [1] 17. 

2 characterized in that said piece of specialized software (8) is loaded into said 

3 user station (1) during said first preliminary phase, from a data recording 

4 medium. 

1 22. (Old claim 10) [Method] A method according to claim [1] 17, 

2 characterized in that said piece of specialized software (8) is downloaded into 

3 said user station (1) during said first preliminary phase, from a remote server, 

4 via said internet network (Rl). 

1 23. (Old claim 11) [Method] A method according to claim [1] 17, 

2 characterized in that said first given communication protocol is of the TCP/IP 

3 type. 
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1 24. (Old claim 12) [Method] A method according to claim [1] 17, 

2 characterized in that said second given communication protocol conforms to 

3 4 IgO standards 7816-1 through 7816-4. 

1 25. (Old claim 4) [Method] A method according to claim [1] 17, 

2 [characterized in that it also comprises] further comprising , subsequent to 

3 [said activation step,] activating said at least one given function, the steps of : 

4 f/ [a step for] transmitting data and/or instructions between said 

5 smart card (2) and said terminal (1), via said smart card reader (3), 

6 said transmission being performed using said first given 

7 communication protocol; 

8 g/ [a step for the translation of] translating said data and/or 

9 instructions by said piece of specialized software (8) and its 

10 transmission to said remote server (4), using said second given 

11 communication protocol; 

12 h/ [a step for the] processing [of this] said data and/or [these] 

13 instructions by said remote server (4); 

14 i/ [a step for the generation] generating by [this] said remote server 

15 (4) [of] data characteristic of a configuration of said smart card (2) 

16 and/or of an application stored in said smart card (2), and for the 

17 transmission of said characteristic data to said terminal (1) using a 

18 third given communication protocol; and 

19 j/ [a step for the] displayf, on a display screen (5) connected to said 
2 0 terminal (1 ),] of said characteristic data on a display screen (5) 

21 connected to said terminal (1) . 



TYSO01 :91 48001 V50IT2 1 46-907272 105\25\01 



17 



T2146-907272-US 3854/BC(PCT) 

1 26. (Old claim 5) [Method] A method according to claim [4] 25, 

2 characterized in that, said request generating means [being] is constituted by 

3 * §i web type browser (1 0), [it comprises a third preliminary phase consisting of] 

4 and further comprising storing in said remote server (4) in a third preliminary 

5 phase data constituting [so-called] static display pages, and subsequent steps 

6 comprising [the transmission, using said third given communication protocol,] 

7 transmitting upon reception of specific requests generated by said browser 

8 (10), [of] all or some of [this] said static display page data to said terminal 

9 using said third given communication protocol in order to display pages of 
10 information associated with said smart card (2) on said display screen (5). 

1 27. (Old claim 6) [Method] A method according to claim [5] 26, 

2 characterized in that it further comprises [a fourth preliminary phase 

3 consisting of] generating, by means of said browser (10), in a fourth 

4 preliminary phase a particular request transmitted to a remote server 

5 connected to said internet network (Rl), in order to download a particular 

6 piece of software called an applet into the browser (10), so as to automate all 

7 or some of said steps a/ through j/. 

1 28. (Old claim 7) [Method] A method according to claim [6] 27, 

2 characterized in that said applet is written in JAVA [(registered trademark)] 

3 language. 
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1 29. (Old claim 13) [Method] A method according to claim [4] 25, 

2 characterized in that said third given communication protocol is of the HTTP 

3 * Jype.' ^ 



1 30. (Old claim 14) [System] A system architecture for remote control 

2 of a user station (1) using a smart card via an internet-type network {Rf), said 

3 user station (1) being equipped with a smart card reader (3) and comprising a 

4 first communication protocol stack, said smart card reader (3) comprising a 

5 second communication protocol stack and said smart card (2) comprising a 

6 third communication protocol stack, allowing communications between said 

7 user station (1) and a remote server (4) connected to said network and 

8 communications between said user station (1) and said smart card (2) via 

9 said smart card reader (3), said user station (1) also comprising means for 

10 generating requests (10) transmitted to said remote server (4), characterized 

11 in that said remote server (4) [is equipped with storage means] comprises a 

12 storage device (41 , 42) for storing data and/or instructions allowing the 

13 generation of specific commands upon reception of specific requests 

14 originating from said request generating means (10) and their transmission to 

15 said user station (1), and in that said user station (1) [is equipped with an 

16 additional so-called] comprises a specialized module (8) forming an interface 

17 between said first and second protocol stacks and [designed] adapted to 

18 translate said specific commands received by said user station (1) in 

19 conformity with a first given communication protocol, into commands that 

2 0 conform to a second given communication protocol, in order to transmit them, 

21 using said second given communication protocol, via said smart card reader 
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22 (3) to said smart card (2), so as to activate at least one given function of at 

23 least one application stored in said smart card (2). 

1 31 . (Old Claim 1 5) [System] A system architecture according to claim 

2 [14] 30, characterized in that said remote server (4) further comprises an 

3 HTTP server (40), first storage [means] device (42) for storing said data 

4 and/or instructions allowing the generation of specific commands, and second 

5 storage [means] device (41) for storing data constituting display pages in 

6 HTML language. 
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* 32* (Old claim 1 6] [Application of the system architecture according to claim 
14 to the creation of a] A smart card demonstrator (2), using the system architecture 
according to claim 30, said user station (1) comprising a display screen (5) for 
displaying data transmitted by said remote server (4) to said supplementary module 
(8) and characteristic data of a context of said [chip] smart card (2), using a third 
given communication protocol, said characteristic data being generated by said 
remote server (4) upon reception of data sent by said smart card (2), using said 
second given communication protocol, translated by said supplementary module (8) 
and transmitted to [this] said remote server (4) using said first given communication 
protocol. - 
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p ArtgAbstract showing the changes using brackets and underlining 
follows: 

[METHOD AND ARCHITECTURE FOR REMOTE MONITORING OF A USER 
STATION VIA AN INTERNET-TYPE NETWORK AND APPLICATION THEREOF 
TO A SMART CARD DEMONSTRATOR 

Inventor: Renaud MARIANA 
Applicant: Bull CP8] 

-ABSTRACT 

The invention concerns a method and an architecture using a smart card (2) 
for remote control, via an internet-type network {Rf), of a user station (1) comprising 
a smart card reader (3). The data required to control the station (1) are stored (41) in 
a remote server (4). The station (1) comprises a web-type browser (10) that 
transmits requests to the server (4). In response, the latter generates specific 
commands designed for the smart card (2). The station (1) comprises a specialized 
software module (8) forming an interface between the smart card reader (3) and the 
internet network [Rl). This module (8) translates the specific commands into 
commands in conformity with the ISO 7816-4 standard, and transmits them to the 
smart card (2) in order to activate an application of the latter. The server (4) can also 
store (42) HTML pages. The smart card (2) transmits, via the specialized software 
module (8), a response to the remote server (4), which processes it and retransmits 
the data to the browser (10) for display on a screen (5). The invention is particularly 
applicable to a smart card (2) demonstrator. 

[FIG. 3] 
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JNj gTHOD AND ARCH ITECTU RE FOR RE MOTE MONITORING OF A 
USER STATION VIA AnIntERNET-TYPE NETWORKANl 



5 The invention relates to a method for remote control of a user station equipped 

with a smart card reader via an internet type network. 

The invention also concerns an architecture for implementing such a method. 
The invention is particularly applicable to a smart card demonstrator. 
In the field of the invention, the term "user station" should be understood in a 
10 general sense. The aforementioned station can particularly be constituted by a 
personal computer running on various operating systems such as WINDOWS or 
UNIX (both of which are registered trademarks). It can also be constituted by a 
workstation, a portable computer or a so-called card terminal, said to be dedicated. 
Hereinafter, a user station of this type will simply be called a "terminal." 
15 Likewise, in the field of the invention, the term "internet network" includes, in 

addition to the Internet per se, private enterprise or similar networks called "intranets" 
and the networks that extend them to the outside, called "extranets." 

Smart cards are used in various fields: banking and health care applications, as 
so-called electronic purses, etc. Moreover, several applications can coexist in a smart 
20 card (multi-application card). 

When a new application is made available in a smart card, it is desirable to be 
able to use terminals, whether dedicated or not, to organize training sessions, 
particularly for presenting the functionalities of this card and its capabilities. These 
training or presentation sessions can be aimed at various audiences: maintenance 
25 personnel, vendors, or even end users. The educational content and the form of the 
presentations to be provided should generally be adapted to the intended audience. 

In the prior art, the solutions traditionally proposed for creating a smart card 
demonstration station, which hereinafter will simply be called a "demonstrator," use a 
personal computer-based configuration and specific programs to control the terminal 
30 and its smart card reader. These programs are most often written in a language of the 
Basic, C++ or Java (registered trademarks) type. 
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This solution, while it generally does not require equipment that is particularly 
expensive (a simple personal computer), is not necessarily free of drawbacks, 
including the following: 

f - r»- the aforementioned specific programs are most often voluminous; 
5 - their installation is also lengthy and complex; 

- it is necessary to save the newly installed programs in the machine and, 
during the first installation, if the machine does not have a program that allows them 
to be saved on a specialized peripheral, of the IOMEGA (registered trademark) type 
or the like, it is also necessary to install such a program; 

10 - for each update of the application stored in the smart card, or when the 

content of the demonstration is different (adapted to the audience in question, for 
example), it is necessary to reiterate the processes mentioned above; and 

- for the operators, learning the operating mode of a piece of software written 
in the languages mentioned above takes time, since their graphical interfaces are not 

15 standardized; the operators must therefore be specialized, which can entail additional 
costs. 

It must be added that if several terminals are used for demonstration purposes, 
the aforementioned drawbacks are repeated for each of these terminals; in particular, 
it is necessary to load the same program x times, if x is the number of terminals, and 

20 the latter can be quite remote from one another. Even if procedures for downloading 
from a central server are used, it is still necessary to make sure that the version of the 
software present in all the terminals is identical. Specific administrative procedures 
are therefore required. 

Furthermore, with the development of the internet network, it is desirable to be 

25 able to control the presentation terminals remotely, via this precise network, using 
standard transmission protocols used in the latter. 

Some solutions of this type have been proposed. However, these solutions are 
not free of drawbacks, either. They essentially make it necessary to download or 
install in the terminal, for each demonstration application, a specific piece of software 

30 known as a "plug-in," generally written C language or C++, so that the terminal can 
communicate with the smart card via a smart card reader. The aforementioned pieces 
of software suffer from the same problems as those mentioned above: voluminous 
code that must be installed or downloaded prior to each demonstration, non- 



standardized graphical interfaces, etc. As before, it is essentially impossible to install 
a plug-in once and for all, since the latter specifically depends not only on the type of 
browser used, but on the application being demonstrated and the versions of the 
control programs. 

5 The invention seeks to eliminate the drawbacks of the methods and devices of 

the prior art, some of which have just been mentioned, while meeting the needs that 
have arisen. 

The object of the invention is to provide a method and a system architecture 
for controlling a terminal equipped with a smart card reader and connected in a 

10 conventional way to an internet-type network, particularly in order to perform 
demonstrations of at least one application stored in the smart card. 

To this end, according to an essential characteristic of the invention, the 
control software specific to each of the demonstration applications is hosted by a 
remote web-type server connected, also in a conventional way, to the internet 

15 network. The terminal itself is equipped with a particular piece of software that will 
hereinafter be called "specialized." Within the context of the invention, the term 
"specialized" used for this piece of software indicates merely that it is a non-standard 
piece of software that must be installed in the terminal, but not in any case that it is 
specific to the application being demonstrated. On the contrary, this piece of software, 

20 from the point of view of an application, is entirely generic and is independent from 
the latter, no matter what it is. 

Moreover, according to another important characteristic, the size of the piece 
of software required can be very small, for reasons linked to the nature of the 
functions devolved to it, which will be explained below. Because of this, it can be 

25 installed once and for all in the terminal and reside there permanently, without 

significantly altering the computing resources specific to the terminal, including its 
memory capacity, particularly if the latter is used for other tasks. 

The invention therefore offers many advantages, including the following: 

- simplified updating of the demonstrations, since only the programs hosted by 
30 the remote server need be modified; specific intervention in the terminals is no longer 

necessary; 

- a fast and simple configuration of the terminal, which can be a standard type 
of microcomputer equipped with a browser, which can also be of a common type on 
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the market, often pre-installed, for the same reasons as mentioned above (the data 
specific to the demonstration itself being located in the server); 

- the graphical interface is also standardized, since it is provided by the 
browser, ; 3 vhose characteristics and operating mode are familiar to the operator of the 

5 terminal, even if the latter does not have any particular programming or computer 
expertise; and 

- the added cost and the increase in complexity due to the specific provisions 
of the invention are negligible, since they are reduced to just one installation of a 
piece of specialized software of small size, an installation which can moreover, under 

10 certain circumstances, be performed once and for all. 

It follows that the present system offers great universality, since the terminal 
can virtually perform all of an enterprise's or a company's demonstrations, no matter 
what the smart card to be presented, the only condition being that the latter be of a 
standardized type so as to be compatible with the terminal, which itself is outside the 

15 strict scope of the invention. The system also provides great reliability. 

The main subject of the invention is a method for remote control of a user 
station via an internet-type network, said user station being equipped with a smart 
card reader and comprising a first communication protocol stack, said smart card 
reader comprising a second communication protocol stack and said smart card 

20 comprising a third communication protocol stack, allowing communications between 
said user station and a remote server connected to said network and communications 
between said user station and said smart card via said smart card reader, said user 
station also comprising means for generating requests transmitted to said remote 
server, characterized in that it comprises: 

25 " a fir st preliminary phase for storing in said remote server data and/or 

instructions allowing the generation of specific commands upon reception of specific 
requests originating from said request generating means and their transmission to said 
user station; 

- a second preliminary phase for loading into said user station a piece of 
30 specialized software forming an interface between said first and second protocol 

stacks, and designed to translate said specific commands received by said user station 
into commands that conform to a first given communication protocol; 

- and at least the following steps: 
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a/ the transmission to said remote server of at least one specific request; 
b/ the generation by said remote server, upon reception of such a request, 
of at least one of said specific commands and their transmission to said 
/ f t user station using a second given communication protocol; 
5 c/ the reception of said specific command in said user station, its 

interception by said piece of specialized software, and its translation into 
said first given communication protocol; 

d/ the transmission of said translated command to said smart card using 
said first given communication protocol, via said smart card reader; and 
10 e/ the activation by said translated command of at least one given function 

of at least one application stored in said smart card, in order to perform 
said control. 

Another subject of the invention is a system architecture for implementing this 
method. 

15 More particularly, the invention applies to the application of the method and 

the system architecture to a smart card demonstrator. 

The invention will now be described in greater detail by referring to the 
attached drawings, in which: 

- Fig. 1 schematically illustrates an exemplary smart card-based application 
20 system architecture according to the prior art: 

- Fig. 2 illustrates in greater detail the logical architecture of such a system; 

and 

- Fig. 3 illustrates an exemplary architecture for the remote control of a smart- 
card based application system according to the invention. 

25 Hereinafter, without in any way limiting its scope, we will concentrate on the 

preferred application of the invention unless otherwise indicated, i.e., its application 
to a smart card demonstrator. 

First of all, let us briefly review the essential technical characteristics of a 
smart card-based application system. It generally includes the following main 

30 elements: 

- a smart card; 

- a host system constituting the aforementioned terminal; 
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- a communication network i.e. the internet network in the preferred 
application; 

- and an application server connected to the internet network. 

/ Fig. 1 schematically illustrates an exemplary architecture of this type. The 
5 terminal 1, for example a personal computer, includes a smart card 2 reader 3. This 
reader 3 may or may not be physically integrated into the terminal 1. The smart card 2 
comprises an integrated circuit 20 whose input-output connections appear on the 
surface of its substrate so as to allow a supply of electric power and communications 
with the terminal 1. The latter comprises circuits 1 1 for access to the internet network. 
10 This may involve a modem for connecting to a switched telephone line or an 
integrated services digital network (ISDN), for example via an Internet service 
provider (or ISP). 

The terminal 1 naturally comprises all the circuits and elements required for its 
operation, which are not represented in order to keep the drawing simple: central 
15 processor, random access and read-only memories, magnetic disk mass storage, 
diskette and/or CD-ROM drive, etc. 

Normally, the terminal 1 is also connected to standard peripherals, which may 
or may not be integrated, such as a display screen 5, a keyboard 6 and a pointer 7, for 
example a mouse. 

20 In the field of the invention, it is specifically due to the cooperation of these 

terminals that the demonstration can be performed. 

The terminal 1 can be placed in communication with servers connected to the 
network RI, one of which 4 is illustrated in Fig. 1. The access circuits 1 1 place the 
terminal 1 in communication with the servers 4 using a particular piece of software 10 

25 called a browser. The latter makes it possible to access various applications 
distributed throughout the network RI, generally in a client-server mode. 

Normally, communications in networks take place in accordance with 
protocols that conform to standards comprising several superposed software layers. In 
the case of an internet-type network RI, communications take place using protocols 

30 that are specific to this type of communication, but that also comprise several 
software layers. The communication protocol is chosen based on the application 
specifically intended: web page queries, file transfers, email, forums or news, etc. 
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The architecture of communication networks is described by various layers. 
For example, the OSI (Open Systems Interconnection) standard defined by the ISO 
comprises seven layers, which go from the so-called lower layers (for example the so- 
cailed physical layer that supports the physical transmission) to the so-called upper 
5 layers (for example the so-called application layer), passing through intermediate 
layers, including the so-called transport layer. A given layer offers services to the 
layer immediately above it and requires other services from the layer immediately 
below it, via appropriate interfaces. The layers communicate by means of primitives. 
They can also communicate with layers of the same level. In certain architectures, one 
10 or more of these layers may be nonexistent. 

In an internet environment, there are five layers, more precisely, going from 
the top layer to the bottom layer, the applications layer (http, ftp, email, etc.), the 
transport layer (TCP), the network address layer (IP), the data link layer (PPP, Slip, 
etc.) and the physical layer. 
15 We will now describe in greater detail a typical example of an architecture for 

a smart-card based application system according to the prior art, with reference to Fig. 
2. More specifically, this figure describes the layered logical architecture. 

The terminal 1 comprises the circuits 1 1 for access to the network RI, which 
contain the lower software layers Q and C 2 corresponding to the aforementioned 
20 physical and data link layers. 

Also represented are the upper layers C 3 and C 4 corresponding to the network 
address (IP) and transport (TCP) layers. The uppermost application layer (http, ftp, 
email, etc.) is represented by a web browser 10 of any type, preferably a standard type 
sold on the market. 

25 The interface between the lower layers Q and C 2 and the upper layers C 3 and 

C 4 is constituted by a software layer 15 generally called a lower layer driver. The 
upper layers C 3 and C 4 are supported by this interface and are implemented by means 
of libraries of specific functions or network libraries 14, with which they correspond. 
In the case of the Internet, TCP/IP is implemented by means of libraries called 

30 "sockets." 

This organization allows the browser 10 to present requests 10 to a remote 
server 4, in order to consult web pages (HTTP protocol), transfer files (FTP protocol) 
or send email (email protocol). 
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The terminal 1 also comprises the smart card reader 3, which may or may not 
be integrated. In order to communicate with the smart card 2, the card reader also 
contains the two lower layers CQ (physical layer) and CC 2 (data link layer), which 
pl^y a rcJe similar to the layers Ci and C 2 . The software interfaces with the layers CQ 
and CC 2 are described, for example, by the PC/SC specification ("part 6, service 
provider"). The layers CCj and CC 2 themselves are described by the ISO 7816-1 and 
7816-4 standards. 

An additional software layer 13 forms an interface between the application 
layers, indicated by the same reference 16, and the lower layers CQ and CC 2 . The 
main function devolved to this layer 13 is a multiplexing/demultiplexing function. 

The architecture of the terminal 1 described up to this point is entirely 
common in the prior art. Fig. 2 also represents, in broken lines, an additional element 
8, which will be called a specialized module and is specific to the invention. This 
module 8 is disposed between the layer C 4 and the interface 13. The function of this 
module will be explained below. 

On the smart-card 2 end, the organization is similar to that of the terminal 1, 
including the presence of two lower layers, referenced CCj (physical layer) and CC 2 
(data link layer), as well as an interface layer 23, entirely similar to the layer 13. This 
layer 23 provides an interface between the aforementioned protocol layers CC'i and 
CC 2 and one or more application layers, represented in the form of a single module 
referenced 26. 

Communications between the terminal 1 and the smart card 2 take place by 
means of standardized commands. 

Various protocols may be used, including the following non-exhaustive 
examples: 

- the ETSI GSM 11.11 recommendation; 

- the protocol defined by the ISO 7816-3 standard, in character mode T=0; 

- the protocol defined by the ISO 7816-3 standard, in block mode T=l ; 

- or the protocol defined by the ISO 3309 standard, in HDLC (for High-Level 
Data Link Control procedure) frame mode. 

Within the scope of the invention, the ISO 7816-3 protocol is preferably used, 
in block mode. 



In an intrinsically known way, each protocol layer is associated with a certain 
number of primitives that allow data exchanges between layers of the same level and 
from one layer to another. 

/ Ii^the current state of the art, it is not possible to place the smart card in direct 
communication with a remote server 4 via the internet network RL Also, as noted, in 
order to perform a demonstration of one or more applications stored in the smart card 
2, it has been proposed in the prior art to either implement specific pieces of software 
in the terminal 1, or download them from a remote server in the form of plug-ins. 
These solutions have many drawbacks, which have already been mentioned. 

We will now describe a system architecture according to the invention that 
makes it possible to eliminate these drawbacks, with reference to Fig. 3. 

With the exception of the specific provisions of the invention, the architecture 
presented in Fig. 3 maintains the essential hardware and software configuration of 
Figs. 1 and 2. Also, only the elements that are indispensable to a proper understanding 
of the invention are represented. Moreover, the common elements of these figures 
have the same references and will only be re-described as necessary. 

It should also be clearly understood that the smart card 2 does not require any 
adaptation. The communications between the terminal 1 and the latter take place, as in 
the prior art, using the sets of standardized commands that have been succinctly 
described. 

Also, in order to keep the drawing simple, the various communication protocol 
layers, intrinsically common in the prior art, are not represented. 

According to a first important characteristic of the invention, the essential 
information and codes required to perform a demonstration of a particular smart card, 
and more generally, to control such a smart card, are located not only in the terminal 
1, in whatever form, (program or specific plug-ins downloaded), but in the remote 
server 4. 

According to a second important characteristic of the invention, a specialized 
module 8 is provided in the terminal 1. However, it should be clearly understood that 
the term "specialized" has a specific meaning within the scope of the invention. The 
module 8 is disposed between the layer C 4 of the protocol stack of the terminal 1 and 
the interface 13 (see Fig. 2), as indicated above. It is advantageously constituted by a 
piece of software and its essential functions are to provide an interface between the 



internet network RI and the smart card reader 3, and to translate commands received 
from the server 4 via the internet network RI into standardized commands that 
conform to the aforementioned ISO standards. In this sense, the module 8 is "generic" 
iivnature^since it is completely independent from the application or applications 
5 stored in the smart card 2. Moreover, given the functions devolved to it, the quantity 
of code required is very small in practice. 

In a more detailed way, the remote server 4 also comprises, for example, 
conventional computer data processing means (not represented), an HTTP server 40 
per se 9 and storage devices 41 and 42, which have arbitrarily been represented 
10 separately. 

A first storage device 41 makes it possible to store display pages that will be 
referred to as "static," for example in HTML or another format (XML, etc.). 

The second storage device, referenced 42, is more particularly designed to 
storing data representing the contexts of the smart card or cards that are subject to a 

15 demonstration. A "smart card context" is a representation in memory of the smart card 
2 at the remote server level 4. The smart card context comprises, for example, the 
version number of the operating system controlling the smart card. The storage device 
42 also makes it possible to store data or instructions that make it possible to generate 
a set of specific commands required for the aforementioned smart card 2 

20 demonstrations. These specific commands will be intercepted by the specialized 

module 8 and translated so that they can be understood by the smart card 2 when they 
are transmitted to it. 

The main steps of the method according to the invention are described below. 
In an intrinsically conventional way, the terminal specifically makes it 

25 possible to power up the smart card, via the smart card reader 3, and more generally, 
to initialize it. More precisely, it is the specialized module 8 that powers up the smart 
card 2, by means of a script executed in the remote server 4. The web browser 10 
makes it possible, in an equally conventional way, to present requests to the remote 
server 4, via a modem 1 1 or a similar device, a conventional transmission channel 100 

30 (a telephone line or another type) and the internet network RI. The transmission path 
normally passes through a service provider, possibly a firewall and/or a so-called 
proxy system (not represented). For example, the request presented makes it possible 
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to display the home page of a web site on the screen 5, and then to navigate this site 
through successively displayed pages based on the options presented. 

The request transmitted to the remote server 4 can also make it possible to 
display p^ges in HTML language related to the smart card 2, pages associated with 
5 the current demonstration and stored in the storage device 41. 

In a way that is more specific to the invention, the request transmitted to the 
remote server 4 results in the generation by the latter of a set of specific commands 
designed to control the smart card 2 during the demonstration. 

In essence, certain specific requests are recognized as such by the server 40 
10 and are processed as part of the context of the smart card stored in the device 42. It 
must be noted that the context of the smart card 2 is updated, for example during the 
powering up of the smart card 2, by using the so-called RESET signal of the latter. 

In an intrinsically conventional way, the generation of the commands 
generated by the server 40 can result from the execution of a CGI (Common Gate 
15 Interface) type script. This is a process that is well known to one skilled in the art in 
the field of client-server communications through the Internet. For example, when a 
formulary type of request is transmitted to a web server, it is transmitted via a 
gateway to a directory normally called "cgi-bin" in which scripts are stored. The data 
resulting from the execution of a particular script are retransmitted through the reverse 
20 path and sent to the client that transmitted the request, in this case in the form of 
specific commands transmitted to the terminal 1. 

However, as noted, the smart card 2 cannot communicate directly with the 
internet network RI and, in particular, can neither receive, nor a fortiori interpret the 
commands transmitted by the server 40. These commands are normally transmitted in 
25 packets, the destination IP address being that of the terminal 1, i.e. the client. 

Likewise, unless a specialized plug-in is installed in the browser 10, the latter cannot 
communicate directly with the smart card 2. 

The specialized module 8 forms an interface, on a first end, with the upper 
protocol layers of the terminal 1, i.e. C 4 (see Fig. 2). The specific commands received 
30 by the terminal 1 are intercepted and "understood" by the module 8 to be intended for 
it. According to one of the essential characteristics of the invention, the latter 
translates them into a set of commands that conform to the aforementioned ISO 
standards. The other commands received are not processed by the module 8, and are 
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transmitted, in conventional fashion, to the browser 10. The server 4 has a separate 
connection 80 with the specialized module 8. This connection can be secure and can 
support an encryption of the so-called SSL (Secure Socket Layer) type. 

Y > Sphematically, in order to better illustrate the method specific to the invention, 
the communication established between the internet network and the module 8 is 
illustrated by a separate channel 80, represented in dotted lines. However, it should be 
understood that all the communications pass through the usual communication 
channels, and take place in conformity with standardized transmission protocols (for 
example TCP/IP for the specialized module 8 and HTTP for the browser 10). 

The module 8 also forms an interface, on a second end, with the smart card 
reader 3. Hence, it transmits to the latter the commands it has received and translated. 
These commands are decrypted if necessary (if the link is secure) and translated. They 
are then understandable by the smart card 2. In essence, after translation, the 
commands retransmitted to the smart card 2, via the reader 3, are in the ISO 7816-4 
format and are therefore compatible with the communication mode used between the 
smart card reader 3 and the smart card 2. 

The commands thus transmitted to the smart card 2 make it possible, for 
example, to power up the smart card 2, and to activate the application or applications 
stored in the latter, for example in order to execute particular functions and/or to read 
specific files stored in the latter. In return, the smart card 2 transmits to the specialized 
module 8, via the smart card reader 3, commands and/or instructions that make it 
possible, in a subsequent step, to display on the screen 5 various data specific to the 
smart card 2 being demonstrated. However, these commands and/or instructions are 
first translated by the specialized module 8, transmitted to the server 4 and 
retransmitted to the terminal 1 and to the browser 10. 

The specialized module 8 is a server of the TCP/IP type that receives TCP/IP 
requests originating from a script executed in the server 40. The communication with 
the specialized module 8 is inserted into a request between the browser 10 and the 
server 40. This script is responsible for executing a series of commands addressed to 
the specialized module 8. The latter then acts like a TCP/IP server and returns a 
response for each TCP/IP command received from the server 40. The aforementioned 
script, which can use a process of the so-called CGI (Common Gateway Interface), or 
Java Servlet (registered trademark) type, processes all of the TCP/IP responses from 
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the specialized module 8. Then, it formats an HTTP type response transmitted to the 
browser 10. Thus, a user (not represented), for example the holder of the smart card 2, 
can interact with this smart card 2 by means of the browser 10, scripts associated with 
thp server ,40, the specialized module 8 and the smart card reader 3. 

The browser 10 makes it possible to display the contents of the smart card 2. 

It is therefore clear that the smart card 2 is actually directly controlled by a 
CGI type process and a card context stored in the server 4. Everything therefore takes 
place as though the smart card 2 were in direct communication with the latter and 
receiving requests from the internet network RI. 

To illustrate the concepts, in order to perform the tasks that are devolved to it, 
the module 8 typically has a size of 50 KB. It can be loaded into the storage means 
(not represented) with which the terminal 1 is provided prior to the start of a 
demonstration, very quickly by reason of its very small size, by means of a diskette 
for example, or from any other recording medium. But for the same reason, it can also 
be left resident without any disadvantages, after an initial load, without significantly 
burdening the resources of the terminal, particularly its storage resources. Again by 
reason of its small size, it is also possible to download it from the remote server 4, or 
from any other web server. With the current technologies, even when using a simple 
switched telephone line having a fast modem (56K), downloading a program of this 
size requires only several tens of seconds. This method has the advantage of always 
having the latest available version of the specialized program constituting the module 
8. 

It is easy to see that it is not necessary for the operator to have any particular 
programming expertise. The graphical interface, which is that of the web browser 10, 
which can advantageously be a well-known type sold on the market, is entirely 
familiar to him. He need only know the Internet address of the web site to which he 
must connect, an address which can be pre-stored in the browser 10, in a list of so- 
called "favorites" or similarly named elements, generally known as "bookmarks." 

Since the server 4 can store, as indicated, so-called static pages in HTML 
language, the various steps of the demonstration to be performed can be displayed in 
the form of a menu constituted by hyperlinks, the operator selecting one of the options 
presented by means of the keyboard 6, or clicking on them by means of the mouse 7. 
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However, in order to further facilitate the running of the demonstration, and to 
make it more automated, it is also possible to download into the browser 10 an applet, 
for example in the form of a piece of software in JAVA language whose size is very 
small. This applet makes it possible to control the running of the demonstration by 
5 transmitting the necessary requests to the server 4, which in turn generates commands 
specific to the specialized module 8, then transmits the result of calculations it 
performs to the browser 10, in the form of an HTTP response. In this case, the 
essential work of the operator can be summarized as connecting to the server 4 and 
possibly, if necessary, in an initial phase, by loading or downloading the piece of 
10 software constituting the specialized module 8 after having powered up the terminal 1 
and having inserted the smart card 2 into the reader 3. 

By reading the above, it is easy to see that the invention clearly achieves the 
objects set forth. 

The smart card does not require any adaptation. The demonstration terminal 

15 can be a microcomputer sold on the market or a similar device. It doesn't require any 
particular adaptation either. The only constraint specific to the invention is very 
limited: it is merely necessary to load, in a preliminary phase, a piece of software of 
small size, a piece of software that is entirely independent from the application or 
applications stored in the smart card during a demonstration. As indicated, this piece 

20 of software can be loaded once and for all. It can also be downloaded from the 
internet network. It follows that the configuration of a demonstration station is 
reduced to its simplest expression and does not require any particular expertise, which 
also contributes to making the method particularly economical. 

The graphical interface is familiar to any operator, since it is the one 

25 associated with a web browser, which can advantageously be a common type. 

The method allows great flexibility and great universality. In fact, the data 
specific to one or more demonstrations is stored in a remote server and is capable of 
being used by a large number of stations. The updating of a given demonstration 
and/or the addition of one or more demonstrations can be done very simply, since 

30 only the remote server storing the data and the programs required for these 
demonstrations is involved. 

The method also allows an interactive mode between pages, for example of 
the HTML type, provided by the remote server, and information and data originating 



from the smart card, under the control of commands and requests originating from this 
same server, and transmitted, after translation, to the smart card by the piece of 
specialized software, via the reader. 

It ? should be clear, however, that the invention is not limited to just the 
5 exemplary embodiments explicitly described, particularly in relation to the 
architecture illustrated by Fig. 3. 

Finally, although the method and the architecture have been described in detail 
in the case of a smart card demonstrator, the invention is not in any way limited to this 
particular application. 
10 The invention is applicable whenever one wishes to control a station 

comprising a terminal and a smart card reader, via the Internet or a similar type of 
network: intranet, extranet. 
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CLAIMS 



1 1 . Method for remote control of a user station via an internet-type 

2 network, ,said user station being equipped with a smart card reader and comprising a 

3 first communication protocol stack, said smart card reader comprising a second 

4 communication protocol stack and said smart card comprising a third communication 

5 protocol stack, allowing communications between said user station and a remote 

6 server connected to said network and communications between said user station and 

7 said smart card via said smart card reader, said user station also comprising means for 

8 generating requests transmitted to said remote server, characterized in that it 

9 comprises: 

10 - a first preliminary phase for storing (42) in said remote server (4) data and/or 

1 1 instructions allowing the generation of specific command upon reception of specific 

12 requests originating from said request generating means (10) and their transmission to 

1 3 said user station ( 1 ); 

14 " a second preliminary phase for loading into said user station (1) a piece of 

15 specialized software (8) forming an interface between said first and second protocol 

16 stacks and designed to translate said specific commands received by said user station 

17 (1) into commands that conform to a first given communication protocol; 

18 - and at least the following steps: 

19 %I the transmission to said remote server of at least one specific request; 

20 b/ the generation by said remote server (4), upon reception of such a 

21 request, of at least one of said specific commands and their transmission to 

22 said user station (1) using a second given communication protocol; 

23 c/ the reception of said specific command in said user station (1), its 

24 interception by said piece of specialized software (8) and its translation 

25 into said first given communication protocol; 

26 d/ the transmission of said translated command to said smart card (2) using 

27 said first given communication protocol, via said smart reader (3); and 

28 e/ the activation by said translated command of at least one given function 

29 of at least one application (26) stored in said smart card (2), in order to 

30 perform said control. 
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1 2. Method according to claim 1 , characterized in that said data and/or 

2 instructions stored in said remote server (4) and allowing the generation of specific 

3 commands comprise so-called smart card context data, said context being a 

4 representation, in the memory of said remote server (4), of said smart card (2) present 

5 in said user station ( 1 ). 

1 3. Method according to claim 2, characterized in that, said smart card (2) 

2 being controlled by an operating system associated with a version number, said 

3 context comprises at least said version number of the operating system, 

1 4. Method according to claim 1 , characterized in that it also comprises, 

2 subsequent to said activation step, at least: 

3 fl a step for transmitting data and/or instructions between said smart card 

4 (2) and said terminal (1), via said smart card reader (3), said transmission 

5 being performed using said first given communication protocol; 

6 g/ a step for the translation of said data and/or instructions by said piece of 

7 specialized software (8) and its transmission to said remote server (4), 

8 using said second given communication protocol; 

9 hi a step for the processing of this data and/or these instructions by said 

1 0 remote server (4); 

11 i/ a step for the generation by this server (4) of data characteristic of a 

12 configuration of said smart card (2) and/or of an application stored in said 

13 sm art card (2), and for the transmission of said characteristic data to said 

14 terminal (1) using a third given communication protocol; and 

15 j/ a ste P for the display, on a display screen (5) connected to said terminal 

1 6 ( 1 ), of said characteristic data. 

1 5. Method according to claim 4, characterized in that, said request 

2 generating means being constituted by a web type browser (10), it comprises a third 

3 preliminary phase consisting of storing in said remote server (4) data constituting so- 

4 called static display pages, and subsequent steps comprising the transmission, using 

5 said third given communication protocol, upon reception of specific requests 

6 generated by said browser (10), of all or some of this data to said terminal in order to 
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display pages of information associated with said smart card (2) on said display 
screen (5). 



^ 6. , Method according to claim 5, characterized in that it comprises a 
fourth preliminary phase consisting of generating, by means of said browser (10), a 
particular request transmitted to a remote server connected to said internet network 
CRT), in order to download a particular piece of software called an applet into the 
browser (10), so as to automate all or some of said steps a/ through j7. 

7. Method according to claim 6, characterized in that said applet is 
written in JAVA (registered trademark) language. 

8. Method according to claim 1, characterized in that said specific 
commands are the result of the execution of a CGI type script in said remote server 
(4). 



9. Method according to claim 1, characterized in that said piece of 
specialized software (8) is loaded into said user station (1) during said first 
preliminary phase, from a data recording medium. 

10. Method according to claim 1, characterized in that said piece of 
specialized software (8) is downloaded into said user station (1) during said first 
preliminary phase, from a remote server, via said internet network (RI). 

11. Method according to claim 1, characterized in that said first given 
communication protocol is of the TCP/IP type. 

12. Method according to claim 1, characterized in that said second given 
communication protocol conforms to ISO standards 7816-1 through 7816-4. 

13. Method according to claim 4, characterized in that said third given 
communication protocol is of the HTTP type. 
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1 14. System architecture for remote control of a user station (1) via an 

2 internet-type network (RI), said user station (1) being equipped with a smart card 

3 reader (3) and comprising a first communication protocol stack, said smart card reader 

4 (3) comprising a second communication protocol stack and said smart card (2) 

5 comprising a third communication protocol stack, allowing communications between 

6 said user station (1) and a remote server (4) connected to said network and 

7 communications between said user station (1) and said smart card (2) via said smart 

8 card reader (3), said user station (1) also comprising means for generating requests 

9 (10) transmitted to said remote server (4), characterized in that said remote server (4) 

10 is equipped with storage means (41, 42) for storing data and/or instructions allowing 

1 1 the generation of specific commands upon reception of specific requests originating 

12 from said request generating means (10) and their transmission to said user station (1), 

13 and in that said user station (1) is equipped with an additional so-called specialized 

14 module (8) forming an interface between said first and second protocol stacks and 

15 designed to translate said specific commands received by said user station (1) in 

16 conformity with a first given communication protocol, into commands that conform to 

17 a second given communication protocol, in order to transmit them, using said second 

18 given communication protocol, via said smart card reader (3) to said smart card (2), so 

19 as to activate at least one given function of at least one application stored in said smart 

20 card (2). 

1 15. System architecture according to claim 14, characterized in that said 

2 remote server (4) comprises an HTTP server (40), first storage means (42) for storing 

3 said data and/or instructions allowing the generation of specific commands, and 

4 second storage means (41) for storing data constituting display pages in HTML 

5 language. 

1 16. Application of the system architecture according to claim 14 to the 

2 creation of a smart card demonstrator (2), said user station (1) comprising a display 

3 screen (5) for displaying data transmitted by said remote server (4) to said 

4 supplementary module (8) and characteristic of a context of said chip card (2), using a 

5 third given communication protocol, said characteristic data being generated by said 

6 remote server (4) upon reception of data sent by said smart card (2), using said second 

19 
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given communication protocol, translated by said supplementary module (8) and 
transmitted to this remote server (4) using said first given communication protocol. 
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METHOD AND ARCHITECTURE FOR REMOTE MONITORING OF A 
USER STATION VIA AN INTERNET-TYPE NETWORK AND 
APPLICATION THEREOF TO A SMART CARD DEMONSTRATOR 



Inventor: Renaud MARIANA 
Applicant: Bull CP8 



10 ABSTRACT 

The invention concerns a method and an architecture for remote control, via 
an internet-type network (RI), of a user station (1) comprising a smart card reader (3). 
The data required to control the station (1) are stored (41) in a remote server (4). The 

15 station (1) comprises a web-type browser (10) that transmits requests to the server (4). 
In response, the latter generates specific commands designed for the smart card (2). 
The station (1) comprises a specialized software module (8) forming an interface 
between the smart card reader (3) and the internet network (/?/). This module (8) 
translates the specific commands into commands in conformity with the ISO 7816-4 

20 standard, and transmits them to the smart card (2) in order to activate an application of 
the latter. The server (4) can also store (42) HTML pages. The smart card (2) 
transmits, via the specialized software module (8), a response to the remote server (4), 
which processes it and retransmits the data to the browser (10) for display on a screen 
(5). 

25 The invention is particularly applicable to a smart card (2) demonstrator. 
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